[Fedora-directory-users] password sync documentation
lingu
hicheerup at gmail.com
Thu Jul 17 18:31:22 UTC 2008
HI,
Instead of creating symbolic links u can create all certificates in one
directory and copy into the directory instance directory.For example copy
all certficates inito /etc/dirsrv/slapd-xxx/.If any file is already existing
it will ask u for overwrite while copying tell yes to all.
Recently i implemented the user and pass sync from windows 2003 AD box.If
you have any query mail me back.
Regards
lingu
On Thu, Jul 17, 2008 at 4:49 PM, omight <omight at gmail.com> wrote:
> Hi,
> I'm trying to follow the documentation to setup synchronisation to
> windows active directory.
> >From the documentation:
>
> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Windows_Sync-Configuring_Windows_Sync.html
> [quote]
> 2. Create a new cert8.db and key.db using certutil.exe on the Password
> Sync machine.
> certutil.exe -d . -N
> ln -s slapd-serverID-cert8.db cert8.db
> ln -s slapd-serverID-key3.db key3.db
> [/quote]
>
> If I execute that in a new directory:
> # certutil.exe -d . -N
> # ln -s slapd-rhds-cert8.db cert8.db
> ln: creating symbolic link `cert8.db' to `slapd-rhds-cert8.db': File exists
>
> I don't follow why the ln -s should be executed? Why not start with part 3:
> On the Directory Server, export the server certificate using pk12util.
> pk12util -d . -o servercert.pfx -n Server-Cert
>
> Because SSL is already configured on this linux machine, so I guess I
> can use the server-cert from that cert8.db?
> Can someone clarify/confirm this? Thanks!
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080718/e96399da/attachment.html>
More information about the 389-users
mailing list